89 matches found
PHP 4 multiple function buffer overflows
Buffer overflows in mb functions...
JVN#50327700 PHP vulnerable to cross-site scripting
PHP is an open source scripting language that is especially suited for Web development. PHP contains a cross-site scripting vulnerability as it does not properly handle errors. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest upda...
Gentoo Security Advisory GLSA 200603-22 (php)
The remote host is missing updates announced in advisory GLSA 200603-22. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gonafish LinksCaffePRO 4.5 (index.php) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== Gonafish LinksCaffePRO 4.5 index.php SQL Injection Vulnerability ================================================================== /\ \ /\ \ \ /\ /\ \ //\ \ \ \ \ \ \ ...
gonafish-sql.txt
/\ \ /\ \ \ /\ /\ \ //\ \ \ \ \ \ \ \ \ \ \ /',\ \ \ \ \ \ \ \ /\ /'\ /'\ \ \ \ /\ ,\ /, \ \ \ \ ,\ \ \ \ // / // /\//\///\/\ \ \/\ // // // //////// //// security breakd0wn! Title: Gonafish LinksCaffePRO 4.5 index.php SQL Injection Vulnerability Vendor:...
php -- readfile() DoS vulnerability
The remote host is missing an update to the system as announced in the referenced advisory. VID 07f3fe15-a9de-11d9-a788-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
php escapeshellcmd multibyte encoding vulnerability analysis and extension-a vulnerability warning-the black bar safety net
漏洞 公告 在 http://www.sektioneins.de/advisories/SE-2008-03.txt PHP 5 = 5.2.5 PHP 4 = 4.4.8 Some allow as GBK, EUC-KR, SJIS, etc. wide byte character set systems may be affected by this impact, the impact is still very large, the domestic virtual host should be the pass to kill, in testing this...
teldir-delete.txt
!/usr/bin/perl -w Telephone Directory 2008 see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya ---------------------------------------------------------------------------- TITLE: PerlSploit Class REQUIREMENTS: PHP 4 /...
Telephone Directory 2008 Arbitrary Delete Contact Exploit
No description provided by source. !/usr/bin/perl -w Telephone Directory 2008 = Arbitrary Delete Contact Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya...
Telephone Directory 2008 Arbitrary Delete Contact Exploit
No description provided by source. !/usr/bin/perl -w Telephone Directory 2008 = Arbitrary Delete Contact Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya...
phpBookingCalendar 10 d - SQL Injection
phpBookingCalendar 10 d - SQL Injection Portal :PHP Booking Calendar 10 d sql/upload Exploit Modified 2008 Download : https://sourceforge.net/project/showfiles.php?groupid=132702 exploit aported password crypted Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani...
archangelweblog-sql.txt
!/usr/bin/perl -w Portal : Archangel Weblog 0.90.02 Download : http://www.archangelmgt.com/ArchangelWeblogv09002.zip exploit aported password crypted mgharba :d:d:d:d Founded & Exploited by : Stack-Terrorist v40 Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & Str0ke & All...
CVE-2008-2108
The GENERATESEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against...
Coppermine Photo Gallery <= 1.4.14 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =============================================================== Coppermine Photo Gallery table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print...
Design/Logic Flaw
The disablefunctions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using inialter when iniset is disabled...
Verlihub Control Panel 1.7.x - Local File Inclusion
Verlihub Control Panel v 1.7 PHP 4.x Local File Inclusion http://vhcp.verlihub- project.org/ Bug Found By Methodman From TEAMELITE dchub.nemesis.te-home.net:4120 Bug: Line: 27 - iniset"magicquotesgpc","1"; ............................ Line: 71 - $pagename = isset$GET'page' ? $GET'page' :...
Verlihub Control Panel <= 1.7.x Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================== Verlihub Control Panel dchub.nemesis.te-home.net:4120 Bug: Line: 27 - iniset"magicquotesgpc","1"; ............................ Line: 71 - $pagename = isset$GET'page' ?...
Format string
The moneyformat function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple 1 %i and 2 %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability...
CVE-2007-4658
The moneyformat function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple 1 %i and 2 %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability...
Design/Logic Flaw
The 1 MySQL and 2 MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safemode and openbasedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE...